Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
File:                     02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json)
Hash identifier:          e/X4azuZlzQDaRAmHcBk6XAffTkm+eRdmvkV0bIUriI=
Subject key identifier:   32:9B:5E:A8:AA:69:C0:00:89:86:C2:80:D2:65:E6:4E:32:82:F3:22
Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB
Certificate issuer:       /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
Certificate serial:       0196AB0C05D420CCB9989300E6045C51618D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
Manifest number:          0BF9
Signing time:             Wed 07 May 2025 14:00:13 +0000
Manifest this update:     Wed 07 May 2025 14:00:13 +0000
Manifest next update:     Thu 08 May 2025 14:00:13 +0000
Files and hashes:         1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: TJx6GRvzMAjehZoK8Z/MjH+zAIvgqqWY8Y/tDehgn2A=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 08 May 2025 13:31:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:ab:0c:05:d4:20:cc:b9:98:93:00:e6:04:5c:51:61:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
        Validity
            Not Before: May  7 14:00:13 2025 GMT
            Not After : May  8 14:00:13 2025 GMT
        Subject: CN=329b5ea8aa69c0008986c280d265e64e3282f322
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:02:5f:4a:34:26:6d:a0:33:3a:ba:48:84:4a:
                    29:54:cb:e4:f8:0d:b3:56:a2:79:c5:04:c3:5a:47:
                    93:2c:74:ec:d6:48:65:b1:fe:0f:a2:b9:de:4a:91:
                    a4:0d:18:2f:2e:06:92:bc:2b:ac:4c:42:ea:12:00:
                    0b:a2:cb:d4:6a:09:4c:b1:f4:8d:45:18:b0:27:bd:
                    02:02:d4:ac:33:ae:80:2a:ae:a2:73:47:20:d9:a4:
                    f1:b3:18:40:18:f5:fe:f1:53:96:40:3a:ce:60:e3:
                    cf:e2:86:1f:b4:30:65:f8:f8:83:8b:a1:0a:fa:80:
                    49:11:e7:fe:ea:12:2c:f5:aa:c2:ef:73:4d:55:b2:
                    19:4e:73:2e:ff:55:50:aa:94:5f:18:9a:c2:da:0e:
                    e2:93:8a:ff:c4:09:7b:e5:73:d2:b4:2d:30:24:1a:
                    e5:1a:be:fe:d1:d2:ff:e6:96:5e:07:eb:5a:78:c8:
                    31:f7:12:90:0d:80:2f:bd:cb:00:85:31:ca:42:e0:
                    ae:3e:48:37:e8:9d:7e:3d:e9:76:23:53:fe:18:d3:
                    98:f5:c5:e2:7f:48:25:a7:c6:d6:33:bf:70:ca:07:
                    38:49:18:90:14:d6:ad:46:73:1a:ac:24:53:8a:96:
                    05:94:1c:9d:7a:61:ce:64:30:44:f6:c2:ec:1c:a9:
                    69:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:9B:5E:A8:AA:69:C0:00:89:86:C2:80:D2:65:E6:4E:32:82:F3:22
            X509v3 Authority Key Identifier:
                keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:ad:e3:a4:25:a2:1f:72:44:10:c2:62:a8:59:bd:b6:21:f4:
         79:ce:67:92:21:b8:7f:b4:2a:86:91:a0:df:79:b4:9b:cf:56:
         dc:08:77:f2:07:c6:a5:97:5d:d6:b1:e8:41:84:14:9a:d0:98:
         fa:11:ee:0d:e2:3e:ac:ac:d1:1e:97:3c:ff:11:bc:46:af:bf:
         dd:03:98:10:e2:9c:ca:27:13:56:8a:d4:ee:17:7d:c3:64:85:
         50:9b:71:f9:6c:92:15:da:f4:b0:bf:5b:e4:38:93:86:98:bd:
         45:02:30:e0:42:9a:83:44:ea:b6:b5:72:b1:a8:d5:42:5e:19:
         07:3d:0b:7e:48:31:97:e0:fb:59:31:f3:2e:a4:32:5d:3d:59:
         64:a9:07:6c:21:3e:de:e9:78:78:cd:23:4b:8d:f8:3a:51:83:
         47:a8:57:43:f6:d3:30:9a:ad:fb:08:f1:0e:25:9f:a0:a6:ac:
         d1:14:62:20:06:b4:8f:99:d0:c5:ec:de:a1:72:3e:88:fb:50:
         10:11:29:3e:ef:e5:9e:1d:d7:04:77:42:09:67:84:1a:f3:88:
         13:3a:96:7b:4f:53:c4:10:62:d2:7b:3f:96:01:0e:38:b6:a2:
         85:f9:45:cc:2f:cb:16:00:51:ea:2b:a2:17:ad:bd:b8:ef:f3:
         68:a8:00:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZarDAXUIMy5mJMA5gRcUWGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl
ZDViYWIwHhcNMjUwNTA3MTQwMDEzWhcNMjUwNTA4MTQwMDEzWjAzMTEwLwYDVQQD
EygzMjliNWVhOGFhNjljMDAwODk4NmMyODBkMjY1ZTY0ZTMyODJmMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgJfSjQmbaAzOrpIhEopVMvk+A2z
VqJ5xQTDWkeTLHTs1khlsf4PorneSpGkDRgvLgaSvCusTELqEgALosvUaglMsfSN
RRiwJ70CAtSsM66AKq6ic0cg2aTxsxhAGPX+8VOWQDrOYOPP4oYftDBl+PiDi6EK
+oBJEef+6hIs9arC73NNVbIZTnMu/1VQqpRfGJrC2g7ik4r/xAl75XPStC0wJBrl
Gr7+0dL/5pZeB+taeMgx9xKQDYAvvcsAhTHKQuCuPkg36J1+Pel2I1P+GNOY9cXi
f0glp8bWM79wygc4SRiQFNatRnMarCRTipYFlBydemHOZDBE9sLsHKlpmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKbXqiqacAAiYbCgNJl5k4ygvMiMB8GA1UdIwQY
MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt
OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0
LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAea3jpCWi
H3JEEMJiqFm9tiH0ec5nkiG4f7QqhpGg33m0m89W3Ah38gfGpZdd1rHoQYQUmtCY
+hHuDeI+rKzRHpc8/xG8Rq+/3QOYEOKcyicTVorU7hd9w2SFUJtx+WySFdr0sL9b
5DiThpi9RQIw4EKag0TqtrVysajVQl4ZBz0Lfkgxl+D7WTHzLqQyXT1ZZKkHbCE+
3ul4eM0jS434OlGDR6hXQ/bTMJqt+wjxDiWfoKas0RRiIAa0j5nQxezeoXI+iPtQ
EBEpPu/lnh3XBHdCCWeEGvOIEzqWe09TxBBi0ns/lgEOOLaihflFzC/LFgBR6iui
F629uO/zaKgADw==
-----END CERTIFICATE-----